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In the Claims 



1. (once amended) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet and for controlling inbound requests 
from the Internet for access to a web site of the system, comprising: 

a plurality of computer users each having a dynamically allocated Internet protocol 
address or a static Internet Protocol address , 

one or a plurality of user computers, each having a dynamically allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for inbound 
communications and for outbound communications, has list maintenance functions including list 
editing, list deleting, searching of lists, saving of lists, proxy chaining routing, adding and 
deleting users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of access 
levels and being capable of creating three types of user accounts that have unique user names and 
passwords for each user account including an administrator account that is self-configuring T and 
regular accounts with varying amounts of administrative privileges other than the privilege to 
create additional accounts or view information on any other accounts and regular accounts 
without administrative privileges and in addition a fourth type of us e r account namely one 
anonymous guest user account to be used by general users who have no system based user name 
or password , 

a first proxy server in one or a plurality of eaek user computers of a local area network 
with access to the world wide web, each of said first proxy server having a friendly outbound list 
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and an unfriendly outbound list only one of which is active at any given time, and having a 
friendly inbound list and an unfriendly inbound list only one of which is active at any given time, 
the friendly outbound list, the unfriendly outbound list, the friendly inbound list and the 
unfriendly iiibound lists being uniquely configurable by each user, 

said first proxy server programmed to receive a request from an HTTP client and register 
the request in a logfile of all web sites requested by a user, check the identity of a requesting 
client and of a requested URL against the friendly inbound, friendly outbound, unfriendly 
inbound or unfriendly outbound list maintained by the administrative module and then either 
approve the request, terminate the request or re-route the request without the knowledge of the 
user, 

a second proxy server without aft the administrative module or a the friendly or the 
unfriendly list placed between the first proxy server and the Internet located at a gateway of a the 
local area network system or at an Internet Service Provider of the local area network , the second 
proxy server being capable of communicating to a proxy of a destination or directly to a 
destination, said second proxy server having an Internet Protocol address known only to a holder 
of the administrator account or a regular account with administrative privileges, 

the first proxy server and the second proxy server have a network communication link 
between them. 

2. (original) The system of claim 1, wherein the second proxy server is a first proxy 
server but has an empty unfriendly outbound list. 

3. (original) The system of claim 1, wherein a third proxy server and/or additional proxy 
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servers forward inbound requests for resources to other proxy servers. 

4. (once amended) The system of claim 1, wherein the system is compatible with both 
dialup modern connection to the Intenie U a local area network and with virtual network ime 
connection. 

5. (once amended) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet and for controlling inbound requests 
from the Internet for access to a web site of the system, comprising: 

a plurality of computer users each having a dynamically allocated Internet protocol 
address or a static Internet Protocol address, 

one or a plurality of user computers, each having a dynamically allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for inbound 
communications and for outbound communications, has list maintenance functions including list 
editing, list deleting, searching of lists, saving of lists, proxy chaining routing, adding and 
deleting users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of access 
levels and being capable of creating three types of user accounts that have unique user names and 
passwords for each user account including an administrator account that is self-configuring T and 
regular accounts with varying amounts of administrative privileges oth e r than the privilege to 
create additional accounts or view information on any other accounts and regular accounts 
without administrative privileges and in addition a fourth type of user account namely one 
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anonymous guest usor account to be used by general users who havo no syst e m based user name 
or password , 

a first proxy server in eaeh one or a plurality of user computers of a local area network 
with access to the world wide web, each of said fist proxy server having a friendly outbound list 
and an unfriendly outbound list only one of which is active at any given time, and having a 
friendly inbound list and an unfriendly inbound list only one of which is active at any given time, 
the friendly outbound list, the unfriendly outbound list, the friendly inbound list and the 
unfriendly inbound lists being uniquely configurable by each user, 

said first proxy server programmed to receive a request from an HTTP client and register 
the request in a logfile of all web sites requested by a user, check the identity of a requesting 
client and of a requested URL against the friendly inbound, friendly outbound, unfriendly 
inbound or unfriendly outbound list maintained by the administrative module and then either 
approve the request, terminate the request or re-route the request without the knowledge of the 
user, 

a second proxy server without an the administrative module and without a the friendly or 
the unfriendly list placed between the first proxy server and the Internet located at a gateway of a 
the local area network system or at an Internet Service Provider of the local area network , the 
second proxy server being capable of communicating to a proxy of a destination or directly to a 
destination, said second proxy server having an Internet Protocol address known only to a holder 
of the administrator account or a regular account with administrative privileges, 

the first proxy server and the second proxy server have a communication link between 

them, 

and wherein inbound communications are arranged so that an actual location of a highly 
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sensitive an important resource is located in an unpublished location that is a replacement 
location to which requests rejected by the first proxy server are rerouted, wherein approved users 
are listed in the first proxy server in the unfriendly inbound list and are sent by the first proxy 
server to the replacement location, and wherein unapproved users are not iisted in the unfriendly 
inbound list and have their request sent to a published address that contains harmless 
unimportant information. 

6. (original) The system of claim 5, wherein the second proxy server is a first proxy 
server but has an empty unfriendly outbound list. 

7. (once amended) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet and for controlling inbound requests 
from the Internet for access to a web site of the system, comprising: 

a plurality of computer users each having a dynamically allocated Internet protocol 
address or a static Internet Protocol address, 

one or a plurality of user computers, each having a dynamica lly allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for inbound 
communications and for outbound communications, has list maintenance functions including list 
editing, list deleting, searching of lists, saving of lists, proxy chaining routing, adding and 
deleting users, interchanging lists and importing and exporting lists, 



6 



said administrative module located in a user computer for configuring a range of 
access levels and being capable of creating three types of user accounts that have unique 
user names and passwords for each user account including an administrator account that 
is self-configuring T and regular accounts with varying amounts of administrative 
privileges other than the privilege to create additional accounts or view information on 
any other accounts and regular accounts without administrative privileg e s and in addition 
a fourth type of user account namely one anonymous guest user account to be used by 
general users who have no system based user name or password , 

a first proxy server in eaeh one or a plurality of user computers of a local area 
network with access to the world wide web, each of said first proxy server having a 
friendly outbound list and an unfriendly outbound list only one of which is active at any 
given time, and having a friendly inbound list and an unfriendly inbound list only one of 
which is active at any given time, the friendly outbound list, the unfriendly outbound list, 
the friendly inbound list and the unfriendly inbound lists being uniquely configurable by 
each user, 

said first proxy server programmed to receive a request from an HTTP client and 
register the request in a logfile of all web sites requested by a user, check the identity of a 
requesting client and of a requested URL against the friendly inbound, friendly outbound, 
unfriendly inbound or unfriendly outbound list maintained by the administrative module 
and then either approve the request, terminate the request or re-route the request without 
the knowledge of the user, 

and wherein inbound communications are arranged so that an actual location of a 
highly sensitive resource is located in an unpublished location that is a replacement 
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location to which requests rejected by the first proxy server are rerouted, wherein 
approved users are listed in the first proxy server as unfriendly in the unfriendly inbound 
list and are sent by the proxy server to the replacement location, wherein unapproved 
users are not listed in the unfriendly inbound list and have their request sent to a 
published address that contains harmless unimportant information. 

8. (original) The system of claim 7, wherein the range of access levels ranges 
from maximum 100% access to full suspension. 

9. (new) The system of claim 1, wherein the three types of user accounts that have 
unique user names and passwords for each user account include an administrator account 
that is self-configuring, regular accounts with administrative privileges other than the 
privilege to create additional accounts or view information on any other accounts and 
regular accounts without administrative privileges and in addition a fourth type of user 
account namely one anonymous guest user account to be used by general users who have 
no system-based user name and password. 

10. (new) The system of claim 5, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administrator 
account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 
and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
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have no system-based user name and password. 

11. (new) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet and for controlling inbound 
requests from the Internet for access to a web site of the system, comprising: 

a plurality of computer users, 

one or a plurality of user computers, each having a dynamically allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for 
inbound communications and for outbound communications, has list maintenance 
functions including list editing, list deleting, searching of lists, saving of lists, proxy 
chaining routing, adding and deleting users, interchanging lists and importing and 
exporting lists, 

said administrative module located in a user computer for configuring a range of 
access levels and being capable of creating three types of user accounts that have unique 
user names and passwords for each user account including an administrator account that 
is self-configuring and regular accounts with varying amounts of administrative 
privileges, 

a first proxy server in one or a plurality of user computers of a local area network 
with access to the world wide web, each of said fist proxy server having a friendly 
outbound list and an unfriendly outbound list only one of which is active at any given 
time, and having a friendly inbound list and an unfriendly inbound list only one of which 
is active at any given time, the friendly outbound list, the unfriendly outbound list, the 
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friendly inbound list and the unfriendly inbound list being uniquely configurable by each 
user, and 

said first proxy server programmed to receive a request from an HTTP client and 
register the request in a iogfiie of ail web sites requested by a user, check the identity of a 
requesting client and of a requested URL against the friendly inbound, friendly outbound, 
unfriendly inbound or unfriendly outbound list maintained by the administrative module 
and then either approve the request, terminate the request or re-route the request without 
the knowledge of the user. 

12. (new) The system of claim 11, wherein the first proxy server is in each and 
every user computer. 

13. (new) The system of claim 12, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

14. (new) The system of claim 1, wherein the first proxy server is in each and 
every user computer. 

15. (new) The system of claim 14, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

16. (new) The system of claim 5, wherein the first proxy server is in each and 
every user computer. 
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17. (new) The system of claim 16, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

18. (new) The system of claim 7, wherein the first proxy server is in each and 
every user computer. 

19. (new) The system of claim 18, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

20. (new) The system of claim 1, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

21. (new) The system of claim 5, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

22. (new) The system of claim 11, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

23. (new) The system of claim 5, wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
connection. 
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24. (new) The system of claim 23, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

25. (new) The system of claim 7, wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
connection. 

26. (new) The system of claim 25, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

27. (new) The system of claim 11, wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
connection. 

28. (new) The system of claim 27, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

29. (new) The system of claim 7, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administrator 
account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 
and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
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have no system-based user name and password. 

30. (new) The system of claim 11, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administratoi 
account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 
and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
have no system-based user name and password. 

31. (new) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet and for controlling inbound 
requests from the Internet for access to a web site of the system, comprising: 

a plurality of computer users, 

one or a plurality of user computers, each having a dynamically allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for 
inbound communications and for outbound communications, has list maintenance 
functions including list editing, list deleting, searching of lists, saving of lists, proxy 
chaining routing, adding and deleting users, interchanging lists and importing and 
exporting lists, 

said administrative module located in a user computer for configuring a range of 
access levels and being capable of creating three types of user accounts that have unique 
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user names and passwords for each user account including an administrator account that 
is self-configuring and regular accounts with varying amounts of administrative 
privileges, a first proxy server in one or a plurality of user computers of a local area 
network with access to the world wide web, each of said fist proxy server having a 
friendly outbound list and an unfriendly outbound list only one of which is active at any 
given time, and having a friendly inbound list and an unfriendly inbound list only one of 
which is active at any given time, the friendly outbound list, the unfriendly outbound list, 
the friendly inbound list and the unfriendly inbound list being uniquely configurable by 
each user, 

said first proxy server programmed to receive a request from an HTTP client and 
register the request in a logfile of all web sites requested by a user, check the identity of a 
requesting client and of a requested URL against the friendly inbound, friendly outbound, 
unfriendly inbound or unfriendly outbound list maintained by the administrative module 
and then either approve the request, terminate the request or re-route the request without 
the knowledge of the user, 

a second proxy server without the administrative module and without the friendly 
or the unfriendly list placed between the first proxy server and the Internet located at a 
gateway of the local area network or at an Internet Service Provider of the local area 
network, the second proxy server being capable of communicating to a proxy of a 
destination or directly to a destination, said second proxy server having an Internet 
Protocol address known only to a holder of the administrator account or a regular account 
with administrative privileges, 

the first proxy server and the second proxy server have a communication link 
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between them, 

and wherein inbound communications are arranged so that an actual location of an 
important resource is located in an unpublished location that is a replacement location to 
which requests rejected by the first proxy server are rerouted, wherein approved users are 
not listed in the first proxy server in the friendly inbound list and are sent by the first 
proxy server to the replacement location, and wherein unapproved users are listed in the 
friendly inbound list and have their request sent to a published address that contains 
unimportant information. 

32. (new) The system of claim 31, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

33. (new) The system of claim 31, wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
connection. 

34. (new) The system of claim 33, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

35. (new) The system of claim 31, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administrator 
account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 



15 



and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
have no system-based user name and password. 

36. (new) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet and for controlling inbound 
requests from the Internet for access to a web site of the system, comprising: 

a plurality of computer users, 

one or a plurality of user computers, each having a dynamically allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for 
inbound communications and for outbound communications, has list maintenance 
functions including list editing, list deleting, searching of lists, saving of lists, proxy 
chaining routing, adding and deleting users, interchanging lists and importing and 
exporting lists, 

said administrative module located in a user computer for configuring a range of 
access levels and being capable of creating three types of user accounts that have unique 
user names and passwords for each user account including an administrator account that 
is self-configuring and regular accounts with varying amounts of administrative 
privileges, 

a first proxy server in one or a plurality of user computers of a local area network 
with access to the world wide web, each of said first proxy server having a friendly 
outbound list and an unfriendly outbound list only one of which is active at any given 
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time, and having a friendly inbound list and an unfriendly inbound list only one of which 
is active at any given time, the friendly outbound list, the unfriendly outbound list, the 
friendly inbound list and the unfriendly inbound list being uniquely configurable by each 
user, 

said first proxy server programmed to receive a request from an HTTP client and 
register the request in a logfile of all web sites requested by a user, check the identity of a 
requesting client and of a requested URL against the friendly inbound, friendly outbound, 
unfriendly inbound or unfriendly outbound list maintained by the administrative module 
and then either approve the request, terminate the request or re-route the request without 
the knowledge of the user, 

and wherein inbound communications are arranged so that an actual location of a 
important resource is located in an unpublished location that is a replacement location to 
which requests rejected by the first proxy server are rerouted, wherein approved users are 
not listed in the first proxy server in the friendly inbound list and are sent by the proxy 
server to the replacement location, wherein unapproved users are listed in the friendly 
inbound list and have their request sent to a published address that contains unimportant 
information. 

37. (new) The system of claim 36, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

38. (new) The system of claim 36, wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
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connection. 



39. (new) The system of claim 38, wherein the range of access levels ranges from 

: -i r\r\rrf , r .n 

iiiaAimum iuuvo access iu iuh suspension. 

40. (new) The system of claim 36, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administrator 
account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 
and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
have no system-based user name and password. 

41. (new) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet, comprising: 

a plurality of computer users, 

one or a plurality of user computers, each having a dynamically allocated Internet 
protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for 
outbound communications, has list maintenance functions including list editing, list 
deleting, searching of lists, saving of lists, proxy chaining routing, adding and deleting 
users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of 



18 



access levels and being capable of creating three types of user accounts that have unique 
user names and passwords for each user account including an administrator account that 
is self-configuring_and regular accounts with varying amounts of administrative 
privileges, 

a first proxy server in one or a plurality of user computers of a local area network 
with access to the world wide web, each of said first proxy server having a friendly 
outbound list and an unfriendly outbound list only one of which is active at any given 
time, the friendly outbound list and the unfriendly outbound list being uniquely 
configurable by each user, 

said first proxy server programmed to receive a request from an HTTP client and 
register the request in a logfile of all web sites requested by a user, check the identity of a 
requested URL against the friendly outbound list or unfriendly outbound list maintained 
by the administrative module and then either approve the request, terminate the request or 
re-route the request without the knowledge of the user, 

a second proxy server without the administrative module or the friendly or the 
unfriendly list placed between the first proxy server and the Internet located at a gateway 
of the local area network or at an Internet Service Provider of the local area network, the 
second proxy server being capable of communicating to a proxy of a destination or 
directly to a destination, said second proxy server having an Internet Protocol address 
known only to a holder of the administrator account or a regular account with 
administrative privileges, 

the first proxy server and the second proxy server have a network communication 
link between them. 
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42. (new) The system of claim 41, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administrator 
account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 
and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
have no system-based user name and password. 

43. (new) The system of claim 41, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

44. (new) The system of claim 41 wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
connection. 

45. (new) The system of claim 44, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

46. (new) A versatile customizable combination system for providing filtering of 
outbound requests for access to web sites on the Internet, comprising: 

a plurality of computer users, 

one or a plurality of user computers, each having a dynamically allocated Internet 
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protocol address or a static Internet Protocol address, 

an administrative module/interface that includes configuration settings for 
outbound communications, has list maintenance functions including list editing, list 
deleting, searching of lists, saving of lists, proxy chaining routing, adding and deleting 
users, interchanging lists and importing and exporting lists, 

said administrative module located in a user computer for configuring a range of 
access levels and being capable of creating three types of user accounts that have unique 
user names and passwords for each user account including an administrator account that 
is self-configuring and regular accounts with varying amounts of administrative 
privileges, 

a first proxy server in one or a plurality of user computers of a local area network 
with access to the world wide web, each of said fist proxy server having a friendly 
outbound list and an unfriendly outbound list only one of which is active at any given 
time, the friendly outbound list and the unfriendly outbound list being uniquely 
configurable by each user, and 

said first proxy server programmed to receive a request from an HTTP client and 
register the request in a logfile of all web sites requested by a user, check the identity of a 
requested URL against the friendly outbound or unfriendly outbound list maintained by 
the administrative module and then either approve the request, terminate the request or 
re-route the request without the knowledge of the user. 

47. (new) The system of claim 46, wherein the three types of user accounts that 
have unique user names and passwords for each user account include an administrator 
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account that is self-configuring, regular accounts with administrative privileges other 
than the privilege to create additional accounts or view information on any other accounts 
and regular accounts without administrative privileges and in addition a fourth type of 
user account namely one anonymous guest user account to be used by general users who 
have no system-based user name and password. 

48. (new) The system of claim 46, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 

49. (new) The system of claim 46 wherein the system is compatible with dialup 
modem connection to the Internet, a local area network and with virtual network 
connection. 

50. (new) The system of claim 49, wherein the range of access levels ranges from 
maximum 100% access to full suspension. 
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